npm - @moovio/sdk - Versions diffs - 0.0.0-dev.17 → 0.0.0-dev.19 - Mend

@moovio/sdk 0.0.0-dev.17 → 0.0.0-dev.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (111) hide show

package/README.md +75 -60
package/bin/mcp-server.js +1295 -966
package/bin/mcp-server.js.map +25 -16
package/funcs/cardsGetMetadata.d.ts +21 -0
package/funcs/cardsGetMetadata.d.ts.map +1 -0
package/funcs/cardsGetMetadata.js +126 -0
package/funcs/cardsGetMetadata.js.map +1 -0
package/hooks/access-token-hook.d.ts +25 -0
package/hooks/access-token-hook.d.ts.map +1 -0
package/hooks/access-token-hook.js +60 -0
package/hooks/access-token-hook.js.map +1 -0
package/hooks/registration.d.ts.map +1 -1
package/hooks/registration.js +4 -0
package/hooks/registration.js.map +1 -1
package/jsr.json +1 -1
package/lib/config.d.ts +7 -3
package/lib/config.d.ts.map +1 -1
package/lib/config.js +3 -3
package/lib/config.js.map +1 -1
package/mcp-server/cli/start/command.d.ts.map +1 -1
package/mcp-server/cli/start/command.js +8 -0
package/mcp-server/cli/start/command.js.map +1 -1
package/mcp-server/cli/start/impl.d.ts +1 -0
package/mcp-server/cli/start/impl.d.ts.map +1 -1
package/mcp-server/cli/start/impl.js +2 -0
package/mcp-server/cli/start/impl.js.map +1 -1
package/mcp-server/mcp-server.js +1 -1
package/mcp-server/server.d.ts +1 -0
package/mcp-server/server.d.ts.map +1 -1
package/mcp-server/server.js +4 -1
package/mcp-server/server.js.map +1 -1
package/mcp-server/tools/cardsGetMetadata.d.ts +8 -0
package/mcp-server/tools/cardsGetMetadata.d.ts.map +1 -0
package/mcp-server/tools/cardsGetMetadata.js +67 -0
package/mcp-server/tools/cardsGetMetadata.js.map +1 -0
package/models/components/cardmetadata.d.ts +91 -0
package/models/components/cardmetadata.d.ts.map +1 -0
package/models/components/cardmetadata.js +85 -0
package/models/components/cardmetadata.js.map +1 -0
package/models/components/cardmetadatarequest.d.ts +30 -0
package/models/components/cardmetadatarequest.d.ts.map +1 -0
package/models/components/cardmetadatarequest.js +62 -0
package/models/components/cardmetadatarequest.js.map +1 -0
package/models/components/collectionpaymentmethodtype.d.ts +1 -0
package/models/components/collectionpaymentmethodtype.d.ts.map +1 -1
package/models/components/collectionpaymentmethodtype.js +1 -0
package/models/components/collectionpaymentmethodtype.js.map +1 -1
package/models/components/createreversal.d.ts +6 -0
package/models/components/createreversal.d.ts.map +1 -1
package/models/components/createreversal.js +3 -0
package/models/components/createreversal.js.map +1 -1
package/models/components/index.d.ts +4 -0
package/models/components/index.d.ts.map +1 -1
package/models/components/index.js +4 -0
package/models/components/index.js.map +1 -1
package/models/components/reversalamountdetails.d.ts +21 -0
package/models/components/reversalamountdetails.d.ts.map +1 -0
package/models/components/reversalamountdetails.js +60 -0
package/models/components/reversalamountdetails.js.map +1 -0
package/models/components/reversalamountdetailsvalidationerror.d.ts +17 -0
package/models/components/reversalamountdetailsvalidationerror.d.ts.map +1 -0
package/models/components/reversalamountdetailsvalidationerror.js +59 -0
package/models/components/reversalamountdetailsvalidationerror.js.map +1 -0
package/models/errors/cardmetadatarequesterror.d.ts +31 -0
package/models/errors/cardmetadatarequesterror.d.ts.map +1 -0
package/models/errors/cardmetadatarequesterror.js +85 -0
package/models/errors/cardmetadatarequesterror.js.map +1 -0
package/models/errors/index.d.ts +1 -0
package/models/errors/index.d.ts.map +1 -1
package/models/errors/index.js +1 -0
package/models/errors/index.js.map +1 -1
package/models/errors/reversalvalidationerror.d.ts +4 -0
package/models/errors/reversalvalidationerror.d.ts.map +1 -1
package/models/errors/reversalvalidationerror.js +6 -0
package/models/errors/reversalvalidationerror.js.map +1 -1
package/models/operations/getcardmetadata.d.ts +24 -0
package/models/operations/getcardmetadata.d.ts.map +1 -0
package/models/operations/getcardmetadata.js +72 -0
package/models/operations/getcardmetadata.js.map +1 -0
package/models/operations/index.d.ts +1 -0
package/models/operations/index.d.ts.map +1 -1
package/models/operations/index.js +1 -0
package/models/operations/index.js.map +1 -1
package/package.json +1 -1
package/sdk/cards.d.ts +10 -0
package/sdk/cards.d.ts.map +1 -1
package/sdk/cards.js +12 -0
package/sdk/cards.js.map +1 -1
package/src/funcs/cardsGetMetadata.ts +184 -0
package/src/hooks/access-token-hook.ts +73 -0
package/src/hooks/registration.ts +5 -0
package/src/lib/config.ts +8 -3
package/src/mcp-server/cli/start/command.ts +9 -0
package/src/mcp-server/cli/start/impl.ts +3 -0
package/src/mcp-server/mcp-server.ts +1 -1
package/src/mcp-server/server.ts +5 -1
package/src/mcp-server/tools/cardsGetMetadata.ts +41 -0
package/src/models/components/cardmetadata.ts +160 -0
package/src/models/components/cardmetadatarequest.ts +72 -0
package/src/models/components/collectionpaymentmethodtype.ts +1 -0
package/src/models/components/createreversal.ts +13 -0
package/src/models/components/index.ts +4 -0
package/src/models/components/reversalamountdetails.ts +61 -0
package/src/models/components/reversalamountdetailsvalidationerror.ts +55 -0
package/src/models/errors/cardmetadatarequesterror.ts +80 -0
package/src/models/errors/index.ts +1 -0
package/src/models/errors/reversalvalidationerror.ts +12 -0
package/src/models/operations/getcardmetadata.ts +67 -0
package/src/models/operations/index.ts +1 -0
package/src/sdk/cards.ts +21 -0
package/test/tests/accessToken.test.ts +86 -0

package/sdk/cards.js CHANGED Viewed

@@ -6,6 +6,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.Cards = void 0;
 const cardsDisable_js_1 = require("../funcs/cardsDisable.js");
 const cardsGet_js_1 = require("../funcs/cardsGet.js");
+const cardsGetMetadata_js_1 = require("../funcs/cardsGetMetadata.js");
 const cardsLink_js_1 = require("../funcs/cardsLink.js");
 const cardsList_js_1 = require("../funcs/cardsList.js");
 const cardsUpdate_js_1 = require("../funcs/cardsUpdate.js");
@@ -84,6 +85,17 @@ class Cards extends sdks_js_1.ClientSDK {
     async disable(request, options) {
         return (0, fp_js_1.unwrapAsync)((0, cardsDisable_js_1.cardsDisable)(this, request, options));
     }
+    /**
+     * Look up metadata for a card without linking it to a Moov account.
+     *
+     * Only use this endpoint if you have provided Moov with a copy of your PCI attestation of compliance.
+     *
+     * To access this endpoint using an [access token](https://docs.moov.io/api/authentication/access-tokens/)
+     * you'll need to specify the `/card-metadata.read` scope.
+     */
+    async getMetadata(request, options) {
+        return (0, fp_js_1.unwrapAsync)((0, cardsGetMetadata_js_1.cardsGetMetadata)(this, request, options));
+    }
 }
 exports.Cards = Cards;
 //# sourceMappingURL=cards.js.map

package/sdk/cards.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"cards.js","sourceRoot":"","sources":["../src/sdk/cards.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAEH,8DAAwD;AACxD,sDAAgD;AAChD,wDAAkD;AAClD,wDAAkD;AAClD,4DAAsD;AACtD,4CAA2D;~~AAE3D~~,0CAA6C;AAE7C,MAAa,KAAM,SAAQ,mBAAS;IAClC;;;;;;;;;;;;;;;;;;;OAmBG;IACH,KAAK,CAAC,IAAI,CACR,OAAmC,EACnC,OAAwB;QAExB,OAAO,IAAA,mBAAW,EAAC,IAAA,wBAAS,EAC1B,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,IAAI,CACR,OAAoC,EACpC,OAAwB;QAExB,OAAO,IAAA,mBAAW,EAAC,IAAA,wBAAS,EAC1B,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,GAAG,CACP,OAAkC,EAClC,OAAwB;QAExB,OAAO,IAAA,mBAAW,EAAC,IAAA,sBAAQ,EACzB,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACH,KAAK,CAAC,MAAM,CACV,OAAqC,EACrC,OAAwB;QAExB,OAAO,IAAA,mBAAW,EAAC,IAAA,4BAAW,EAC5B,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,OAAO,CACX,OAAsC,EACtC,OAAwB;QAExB,OAAO,IAAA,mBAAW,EAAC,IAAA,8BAAY,EAC7B,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;CACF;~~AAhHD~~,~~sBAgHC~~"}
1	+ {"version":3,"file":"cards.js","sourceRoot":"","sources":["../src/sdk/cards.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAEH,8DAAwD;AACxD,sDAAgD;AAChD,sEAAgE;AAChE,wDAAkD;AAClD,wDAAkD;AAClD,4DAAsD;AACtD,4CAA2D;AAG3D,0CAA6C;AAE7C,MAAa,KAAM,SAAQ,mBAAS;IAClC;;;;;;;;;;;;;;;;;;;OAmBG;IACH,KAAK,CAAC,IAAI,CACR,OAAmC,EACnC,OAAwB;QAExB,OAAO,IAAA,mBAAW,EAAC,IAAA,wBAAS,EAC1B,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,IAAI,CACR,OAAoC,EACpC,OAAwB;QAExB,OAAO,IAAA,mBAAW,EAAC,IAAA,wBAAS,EAC1B,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,GAAG,CACP,OAAkC,EAClC,OAAwB;QAExB,OAAO,IAAA,mBAAW,EAAC,IAAA,sBAAQ,EACzB,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACH,KAAK,CAAC,MAAM,CACV,OAAqC,EACrC,OAAwB;QAExB,OAAO,IAAA,mBAAW,EAAC,IAAA,4BAAW,EAC5B,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,OAAO,CACX,OAAsC,EACtC,OAAwB;QAExB,OAAO,IAAA,mBAAW,EAAC,IAAA,8BAAY,EAC7B,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,WAAW,CACf,OAAuC,EACvC,OAAwB;QAExB,OAAO,IAAA,mBAAW,EAAC,IAAA,sCAAgB,EACjC,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;CACF;AAnID,sBAmIC"}

package/src/funcs/cardsGetMetadata.ts ADDED Viewed

@@ -0,0 +1,184 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+import { MoovCore } from "../core.js";
+import { encodeJSON } from "../lib/encodings.js";
+import { matchStatusCode } from "../lib/http.js";
+import * as M from "../lib/matchers.js";
+import { compactMap } from "../lib/primitives.js";
+import { safeParse } from "../lib/schemas.js";
+import { RequestOptions } from "../lib/sdks.js";
+import { extractSecurity, resolveGlobalSecurity } from "../lib/security.js";
+import { pathToFunc } from "../lib/url.js";
+import * as components from "../models/components/index.js";
+import {
+  ConnectionError,
+  InvalidRequestError,
+  RequestAbortedError,
+  RequestTimeoutError,
+  UnexpectedClientError,
+} from "../models/errors/httpclienterrors.js";
+import * as errors from "../models/errors/index.js";
+import { MoovError } from "../models/errors/mooverror.js";
+import { ResponseValidationError } from "../models/errors/responsevalidationerror.js";
+import { SDKValidationError } from "../models/errors/sdkvalidationerror.js";
+import * as operations from "../models/operations/index.js";
+import { APICall, APIPromise } from "../types/async.js";
+import { Result } from "../types/fp.js";
+/**
+ * Look up metadata for a card without linking it to a Moov account.
+ *
+ * Only use this endpoint if you have provided Moov with a copy of your PCI attestation of compliance.
+ *
+ * To access this endpoint using an [access token](https://docs.moov.io/api/authentication/access-tokens/)
+ * you'll need to specify the `/card-metadata.read` scope.
+ */
+export function cardsGetMetadata(
+  client: MoovCore,
+  request: components.CardMetadataRequest,
+  options?: RequestOptions,
+): APIPromise<
+  Result<
+    operations.GetCardMetadataResponse,
+    | errors.GenericError
+    | errors.CardMetadataRequestError
+    | MoovError
+    | ResponseValidationError
+    | ConnectionError
+    | RequestAbortedError
+    | RequestTimeoutError
+    | InvalidRequestError
+    | UnexpectedClientError
+    | SDKValidationError
+  >
+> {
+  return new APIPromise($do(
+    client,
+    request,
+    options,
+  ));
+}
+async function $do(
+  client: MoovCore,
+  request: components.CardMetadataRequest,
+  options?: RequestOptions,
+): Promise<
+  [
+    Result<
+      operations.GetCardMetadataResponse,
+      | errors.GenericError
+      | errors.CardMetadataRequestError
+      | MoovError
+      | ResponseValidationError
+      | ConnectionError
+      | RequestAbortedError
+      | RequestTimeoutError
+      | InvalidRequestError
+      | UnexpectedClientError
+      | SDKValidationError
+    >,
+    APICall,
+  ]
+> {
+  const parsed = safeParse(
+    request,
+    (value) => components.CardMetadataRequest$outboundSchema.parse(value),
+    "Input validation failed",
+  );
+  if (!parsed.ok) {
+    return [parsed, { status: "invalid" }];
+  }
+  const payload = parsed.value;
+  const body = encodeJSON("body", payload, { explode: true });
+  const path = pathToFunc("/card-metadata")();
+  const headers = new Headers(compactMap({
+    "Content-Type": "application/json",
+    Accept: "application/json",
+  }));
+  const securityInput = await extractSecurity(client._options.security);
+  const requestSecurity = resolveGlobalSecurity(securityInput);
+  const context = {
+    options: client._options,
+    baseURL: options?.serverURL ?? client._baseURL ?? "",
+    operationID: "getCardMetadata",
+    oAuth2Scopes: null,
+    resolvedSecurity: requestSecurity,
+    securitySource: client._options.security,
+    retryConfig: options?.retries
+      || client._options.retryConfig
+      || { strategy: "none" },
+    retryCodes: options?.retryCodes || ["429", "500", "502", "503", "504"],
+  };
+  const requestRes = client._createRequest(context, {
+    security: requestSecurity,
+    method: "POST",
+    baseURL: options?.serverURL,
+    path: path,
+    headers: headers,
+    body: body,
+    userAgent: client._options.userAgent,
+    timeoutMs: options?.timeoutMs || client._options.timeoutMs || -1,
+  }, options);
+  if (!requestRes.ok) {
+    return [requestRes, { status: "invalid" }];
+  }
+  const req = requestRes.value;
+  const doResult = await client._do(req, {
+    context,
+    isErrorStatusCode: (statusCode: number) =>
+      matchStatusCode({ status: statusCode } as Response, ["4XX", "5XX"]),
+    retryConfig: context.retryConfig,
+    retryCodes: context.retryCodes,
+  });
+  if (!doResult.ok) {
+    return [doResult, { status: "request-error", request: req }];
+  }
+  const response = doResult.value;
+  const responseFields = {
+    HttpMeta: { Response: response, Request: req },
+  };
+  const [result] = await M.match<
+    operations.GetCardMetadataResponse,
+    | errors.GenericError
+    | errors.CardMetadataRequestError
+    | MoovError
+    | ResponseValidationError
+    | ConnectionError
+    | RequestAbortedError
+    | RequestTimeoutError
+    | InvalidRequestError
+    | UnexpectedClientError
+    | SDKValidationError
+  >(
+    M.json(200, operations.GetCardMetadataResponse$inboundSchema, {
+      hdrs: true,
+      key: "Result",
+    }),
+    M.jsonErr([400, 409], errors.GenericError$inboundSchema, { hdrs: true }),
+    M.jsonErr(422, errors.CardMetadataRequestError$inboundSchema, {
+      hdrs: true,
+    }),
+    M.fail([401, 403, 404, 429]),
+    M.fail([500, 504]),
+    M.fail("4XX"),
+    M.fail("5XX"),
+  )(response, req, { extraFields: responseFields });
+  if (!result.ok) {
+    return [result, { status: "complete", request: req, response }];
+  }
+  return [result, { status: "complete", request: req, response }];
+}

package/src/hooks/access-token-hook.ts ADDED Viewed

@@ -0,0 +1,73 @@
+import { SDKOptions } from "../lib/config.js";
+import {
+  BeforeRequestContext,
+  BeforeRequestHook,
+  SDKInitHook,
+} from "./types.js";
+const gt: unknown = typeof globalThis === "undefined" ? null : globalThis;
+const webWorkerLike = typeof gt === "object"
+  && gt != null
+  && "importScripts" in gt
+  && typeof gt["importScripts"] === "function";
+const isBrowserLike = webWorkerLike
+  || (typeof navigator !== "undefined" && "serviceWorker" in navigator)
+  || (typeof window === "object" && typeof window.document !== "undefined");
+/**
+ * Applies bearer-token authentication and validates auth-related SDK
+ * options at construction time.
+ *
+ * `accessToken` is exposed as a top-level SDK option via the
+ * `x-speakeasy-globals` overlay in `.speakeasy/overlays/access-token.yaml`.
+ * Speakeasy doesn't auto-send it (no operation declares a matching
+ * parameter), so this hook is responsible for translating it into the
+ * `Authorization: Bearer …` header.
+ *
+ * HTTP Basic credentials (`security.username` / `security.password`) are
+ * still handled automatically by Speakeasy's generated security pipeline.
+ *
+ * Validation rules enforced at SDK init:
+ *   - `accessToken` and `security.username`/`password` cannot both be set.
+ *   - HTTP Basic credentials are rejected in browser-like environments.
+ *     Browsers must use `accessToken` instead.
+ */
+export class AccessTokenHook implements SDKInitHook, BeforeRequestHook {
+  sdkInit(opts: SDKOptions): SDKOptions {
+    const token = (opts as SDKOptions & { accessToken: string }).accessToken;
+    const hasToken = typeof token === "string" && token.length > 0;
+    if (hasToken && opts.security != null) {
+      throw new Error(
+        "Moov SDK: `accessToken` and `security.username`/`password` cannot "
+          + "both be set. Use `accessToken` for OAuth2 bearer auth "
+          + "(typically client-side) or `security.username`/`password` for "
+          + "HTTP Basic auth with API keys (server-side).",
+      );
+    }
+    if (isBrowserLike && opts.security != null) {
+      throw new Error(
+        "Moov SDK: HTTP Basic credentials were provided in a browser-like "
+          + "environment. API keys must never be embedded in client-side "
+          + "code. Mint a short-lived OAuth2 access token on your server "
+          + "and pass it via the `accessToken` option instead.",
+      );
+    }
+    return opts;
+  }
+  beforeRequest(ctx: BeforeRequestContext, request: Request): Request {
+    const token = (ctx.options as SDKOptions & { accessToken: string }).accessToken;
+    // Bail early if there's no token or the request already has an Authorization header.
+    if (!token || request.headers.has("Authorization")) {
+      return request;
+    }
+    const next = new Request(request);
+    next.headers.set("Authorization", `Bearer ${token}`);
+    return next;
+  }
+}

package/src/hooks/registration.ts CHANGED Viewed

@@ -1,3 +1,4 @@
+import { AccessTokenHook } from "./access-token-hook.js";
 import { MoovVersionHook } from "./moov-version-hook.js";
 import { Hooks } from "./types.js";
@@ -14,4 +15,8 @@ export function initHooks(hooks: Hooks) {
   const versionHook = new MoovVersionHook();
   hooks.registerBeforeRequestHook(versionHook);
+  const accessTokenHook = new AccessTokenHook();
+  hooks.registerSDKInitHook(accessTokenHook);
+  hooks.registerBeforeRequestHook(accessTokenHook);
 }

package/src/lib/config.ts CHANGED Viewed

@@ -27,6 +27,11 @@ export type SDKOptions = {
     | (() => Promise<components.Security>)
     | undefined;
+  /**
+   * Allows setting the accessToken parameter for all supported operations
+   */
+  accessToken?: string | undefined;
   httpClient?: HTTPClient;
   /**
    * Allows overriding the default server used by the SDK
@@ -68,7 +73,7 @@ export function serverURLFromOptions(options: SDKOptions): URL | null {
 export const SDK_METADATA = {
   language: "typescript",
   openapiDocVersion: "dev",
-  sdkVersion: "0.0.0-dev.17",
-  genVersion: "2.881.17",
-  userAgent: "speakeasy-sdk/typescript 0.0.0-dev.17 2.881.17 dev @moovio/sdk",
+  sdkVersion: "0.0.0-dev.19",
+  genVersion: "2.882.0",
+  userAgent: "speakeasy-sdk/typescript 0.0.0-dev.19 2.882.0 dev @moovio/sdk",
 } as const;

package/src/mcp-server/cli/start/command.ts CHANGED Viewed

@@ -51,6 +51,15 @@ export const startCommand = buildCommand({
           return z.string().parse(value);
         },
       },
+      "access-token": {
+        kind: "parsed",
+        brief:
+          "Allows setting the accessToken parameter for all supported operations",
+        optional: true,
+        parse: (value) => {
+          return z.string().parse(value);
+        },
+      },
       "server-url": {
         kind: "parsed",
         brief: "Overrides the default server URL used by the SDK",

package/src/mcp-server/cli/start/impl.ts CHANGED Viewed

@@ -20,6 +20,7 @@ interface StartCommandFlags {
   readonly tool?: string[];
   readonly username?: string | undefined;
   readonly password?: string | undefined;
+  readonly "access-token"?: SDKOptions["accessToken"] | undefined;
   readonly "server-url"?: string;
   readonly "server-index"?: SDKOptions["serverIdx"];
   readonly "log-level": ConsoleLoggerLevel;
@@ -53,6 +54,7 @@ async function startStdio(flags: StartCommandFlags) {
       username: flags.username ?? "",
       password: flags.password ?? "",
     }),
+    accessToken: flags["access-token"],
     serverURL: flags["server-url"],
     serverIdx: flags["server-index"],
   });
@@ -76,6 +78,7 @@ async function startSSE(flags: StartCommandFlags) {
       username: flags.username ?? "",
       password: flags.password ?? "",
     }),
+    accessToken: flags["access-token"],
     serverURL: flags["server-url"],
     serverIdx: flags["server-index"],
   });

package/src/mcp-server/mcp-server.ts CHANGED Viewed

@@ -19,7 +19,7 @@ const routes = buildRouteMap({
 export const app = buildApplication(routes, {
   name: "mcp",
   versionInfo: {
-    currentVersion: "0.0.0-dev.17",
+    currentVersion: "0.0.0-dev.19",
   },
 });

package/src/mcp-server/server.ts CHANGED Viewed

@@ -61,6 +61,7 @@ import { tool$cardIssuingRequest } from "./tools/cardIssuingRequest.js";
 import { tool$cardIssuingUpdate } from "./tools/cardIssuingUpdate.js";
 import { tool$cardsDisable } from "./tools/cardsDisable.js";
 import { tool$cardsGet } from "./tools/cardsGet.js";
+import { tool$cardsGetMetadata } from "./tools/cardsGetMetadata.js";
 import { tool$cardsLink } from "./tools/cardsLink.js";
 import { tool$cardsList } from "./tools/cardsList.js";
 import { tool$cardsUpdate } from "./tools/cardsUpdate.js";
@@ -207,15 +208,17 @@ export function createMCPServer(deps: {
   scopes?: MCPScope[] | undefined;
   serverURL?: string | undefined;
   security?: SDKOptions["security"] | undefined;
+  accessToken?: SDKOptions["accessToken"] | undefined;
   serverIdx?: SDKOptions["serverIdx"] | undefined;
 }) {
   const server = new McpServer({
     name: "Moov",
-    version: "0.0.0-dev.17",
+    version: "0.0.0-dev.19",
   });
   const client = new MoovCore({
     security: deps.security,
+    accessToken: deps.accessToken,
     serverURL: deps.serverURL,
     serverIdx: deps.serverIdx,
   });
@@ -280,6 +283,7 @@ export function createMCPServer(deps: {
   tool(tool$cardsGet);
   tool(tool$cardsUpdate);
   tool(tool$cardsDisable);
+  tool(tool$cardsGetMetadata);
   tool(tool$disputesList);
   tool(tool$disputesGet);
   tool(tool$disputesAccept);

package/src/mcp-server/tools/cardsGetMetadata.ts ADDED Viewed

@@ -0,0 +1,41 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+import { cardsGetMetadata } from "../../funcs/cardsGetMetadata.js";
+import * as components from "../../models/components/index.js";
+import { formatResult, ToolDefinition } from "../tools.js";
+const args = {
+  request: components.CardMetadataRequest$inboundSchema,
+};
+export const tool$cardsGetMetadata: ToolDefinition<typeof args> = {
+  name: "cards-get-metadata",
+  description:
+    `Look up metadata for a card without linking it to a Moov account.
+Only use this endpoint if you have provided Moov with a copy of your PCI attestation of compliance.
+To access this endpoint using an [access token](https://docs.moov.io/api/authentication/access-tokens/)
+you'll need to specify the \`/card-metadata.read\` scope.`,
+  args,
+  tool: async (client, args, ctx) => {
+    const [result, apiCall] = await cardsGetMetadata(
+      client,
+      args.request,
+      { fetchOptions: { signal: ctx.signal } },
+    ).$inspect();
+    if (!result.ok) {
+      return {
+        content: [{ type: "text", text: result.error.message }],
+        isError: true,
+      };
+    }
+    const value = result.value.result;
+    return formatResult(value, apiCall);
+  },
+};

package/src/models/components/cardmetadata.ts ADDED Viewed

@@ -0,0 +1,160 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+import * as z from "zod/v3";
+import { safeParse } from "../../lib/schemas.js";
+import { Result as SafeParseResult } from "../../types/fp.js";
+import * as types from "../../types/primitives.js";
+import { SDKValidationError } from "../errors/sdkvalidationerror.js";
+import {
+  CardBrand,
+  CardBrand$inboundSchema,
+  CardBrand$outboundSchema,
+} from "./cardbrand.js";
+import {
+  CardType,
+  CardType$inboundSchema,
+  CardType$outboundSchema,
+} from "./cardtype.js";
+import {
+  DomesticPullFromCard,
+  DomesticPullFromCard$inboundSchema,
+  DomesticPullFromCard$outboundSchema,
+} from "./domesticpullfromcard.js";
+import {
+  DomesticPushToCard,
+  DomesticPushToCard$inboundSchema,
+  DomesticPushToCard$outboundSchema,
+} from "./domesticpushtocard.js";
+/**
+ * Metadata describing a card.
+ */
+export type CardMetadata = {
+  /**
+   * The first six to eight digits of the card number, which identifies the financial institution that issued the card.
+   */
+  bin: string;
+  /**
+   * The card brand.
+   */
+  brand: CardBrand;
+  /**
+   * The category or level of the card defined by the issuer.
+   *
+   * @remarks
+   * Examples include, but not limited to, "REWARDS", "TRADITIONAL REWARDS", "CLASSIC", and "CORPORATE PURCHASING".
+   */
+  cardCategory?: string | undefined;
+  /**
+   * The type of the card.
+   */
+  cardType: CardType;
+  /**
+   * If true, the card is for commercial use, or associated with a business.
+   *
+   * @remarks
+   * If false, the card is associated with a general consumer.
+   */
+  commercial?: boolean | undefined;
+  /**
+   * If true, the card issuing bank is regulated, and the scheme fees for debit transactions will be limited based on the Durbin Amendment.
+   *
+   * @remarks
+   * If false, the card issuing bank is not regulated, and the scheme fees will not be limited.
+   */
+  regulated?: boolean | undefined;
+  /**
+   * Financial institution that issued the card.
+   */
+  issuer?: string | undefined;
+  /**
+   * Country where the card was issued.
+   */
+  issuerCountry?: string | undefined;
+  /**
+   * Phone number of the issuer.
+   */
+  issuerPhone?: string | undefined;
+  /**
+   * URL of the issuer.
+   */
+  issuerURL?: string | undefined;
+  /**
+   * Indicates if the card supports domestic pull-from-card transfer.
+   */
+  domesticPullFromCard?: DomesticPullFromCard | undefined;
+  /**
+   * Indicates which level of domestic push-to-card transfer is supported by the card, if any.
+   */
+  domesticPushToCard?: DomesticPushToCard | undefined;
+};
+/** @internal */
+export const CardMetadata$inboundSchema: z.ZodType<
+  CardMetadata,
+  z.ZodTypeDef,
+  unknown
+> = z.object({
+  bin: types.string(),
+  brand: CardBrand$inboundSchema,
+  cardCategory: types.optional(types.string()),
+  cardType: CardType$inboundSchema,
+  commercial: types.optional(types.boolean()),
+  regulated: types.optional(types.boolean()),
+  issuer: types.optional(types.string()),
+  issuerCountry: types.optional(types.string()),
+  issuerPhone: types.optional(types.string()),
+  issuerURL: types.optional(types.string()),
+  domesticPullFromCard: types.optional(DomesticPullFromCard$inboundSchema),
+  domesticPushToCard: types.optional(DomesticPushToCard$inboundSchema),
+});
+/** @internal */
+export type CardMetadata$Outbound = {
+  bin: string;
+  brand: string;
+  cardCategory?: string | undefined;
+  cardType: string;
+  commercial?: boolean | undefined;
+  regulated?: boolean | undefined;
+  issuer?: string | undefined;
+  issuerCountry?: string | undefined;
+  issuerPhone?: string | undefined;
+  issuerURL?: string | undefined;
+  domesticPullFromCard?: string | undefined;
+  domesticPushToCard?: string | undefined;
+};
+/** @internal */
+export const CardMetadata$outboundSchema: z.ZodType<
+  CardMetadata$Outbound,
+  z.ZodTypeDef,
+  CardMetadata
+> = z.object({
+  bin: z.string(),
+  brand: CardBrand$outboundSchema,
+  cardCategory: z.string().optional(),
+  cardType: CardType$outboundSchema,
+  commercial: z.boolean().optional(),
+  regulated: z.boolean().optional(),
+  issuer: z.string().optional(),
+  issuerCountry: z.string().optional(),
+  issuerPhone: z.string().optional(),
+  issuerURL: z.string().optional(),
+  domesticPullFromCard: DomesticPullFromCard$outboundSchema.optional(),
+  domesticPushToCard: DomesticPushToCard$outboundSchema.optional(),
+});
+export function cardMetadataToJSON(cardMetadata: CardMetadata): string {
+  return JSON.stringify(CardMetadata$outboundSchema.parse(cardMetadata));
+}
+export function cardMetadataFromJSON(
+  jsonString: string,
+): SafeParseResult<CardMetadata, SDKValidationError> {
+  return safeParse(
+    jsonString,
+    (x) => CardMetadata$inboundSchema.parse(JSON.parse(x)),
+    `Failed to parse 'CardMetadata' from JSON`,
+  );
+}

package/src/models/components/cardmetadatarequest.ts ADDED Viewed

@@ -0,0 +1,72 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+import * as z from "zod/v3";
+import { safeParse } from "../../lib/schemas.js";
+import { Result as SafeParseResult } from "../../types/fp.js";
+import * as types from "../../types/primitives.js";
+import { SDKValidationError } from "../errors/sdkvalidationerror.js";
+import {
+  E2EEToken,
+  E2EEToken$inboundSchema,
+  E2EEToken$Outbound,
+  E2EEToken$outboundSchema,
+} from "./e2eetoken.js";
+export type CardMetadataRequest = {
+  /**
+   * Wraps a compact-serialized JSON Web Encryption (JWE) token used for secure transmission of sensitive data (e.g., PCI information) through intermediaries.
+   *
+   * @remarks
+   * This token is encrypted using the public key from /end-to-end-keys and wraps an AES key. For details and examples, refer to our
+   * [GitHub repository](https://github.com/moovfinancial/moov-go/blob/main/examples/e2ee/e2ee_test.go).
+   */
+  e2ee?: E2EEToken | undefined;
+  /**
+   * The full card number (PAN).
+   */
+  cardNumber?: string | undefined;
+};
+/** @internal */
+export const CardMetadataRequest$inboundSchema: z.ZodType<
+  CardMetadataRequest,
+  z.ZodTypeDef,
+  unknown
+> = z.object({
+  e2ee: types.optional(E2EEToken$inboundSchema),
+  cardNumber: types.optional(types.string()),
+});
+/** @internal */
+export type CardMetadataRequest$Outbound = {
+  e2ee?: E2EEToken$Outbound | undefined;
+  cardNumber?: string | undefined;
+};
+/** @internal */
+export const CardMetadataRequest$outboundSchema: z.ZodType<
+  CardMetadataRequest$Outbound,
+  z.ZodTypeDef,
+  CardMetadataRequest
+> = z.object({
+  e2ee: E2EEToken$outboundSchema.optional(),
+  cardNumber: z.string().optional(),
+});
+export function cardMetadataRequestToJSON(
+  cardMetadataRequest: CardMetadataRequest,
+): string {
+  return JSON.stringify(
+    CardMetadataRequest$outboundSchema.parse(cardMetadataRequest),
+  );
+}
+export function cardMetadataRequestFromJSON(
+  jsonString: string,
+): SafeParseResult<CardMetadataRequest, SDKValidationError> {
+  return safeParse(
+    jsonString,
+    (x) => CardMetadataRequest$inboundSchema.parse(JSON.parse(x)),
+    `Failed to parse 'CardMetadataRequest' from JSON`,
+  );
+}